Dridex P2P Malware

Original release date: October 13, 2015
Systems Affected: Microsoft Windows
Overview
Dridex, a peer-to-peer (P2P) bank credential-stealing malware, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control (C2). The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), is releasing this Technical Alert to provide further information about the Dridex botnet.

In one example, Ghinkul and his gang allegedly transferred $2.1 million from an account of Penneco Oil Company, based in Delmont, Pennsylvania, to one in Krasnodar, Russia, on Aug. 31, 2012, according to the indictment.
Four days later, Penneco Oil was hit again, this time with $1.3 million going to an account in Minsk, Belarus. The same day, the group allegedly tried to transfer a further $76,520 from the company's accounts.


Has the company not noticed they were robbed? They should've acted right after the first attack.

A mysterious hacker is having a laugh at Dridex's expense once again after he recently hacked the malware's botnet and replaced the Locky ransomware with an empty file that contained the phrase "Stupid Locky."